CentOS: Security Advisory for bpftool (CESA-2020:0839)

The remote host is missing an update for the 'bpftool' package(s) announced via the CESA-2020:0839 advisory.

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487) * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666) * Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) (CVE-2019-19338) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update to the RHEL7.7.z batch#5 source tree (BZ#1794131) The system must be rebooted for this update to take effect. 1703063 - CVE-2019-11487 kernel: Count overflow in FUSE request leading to use-after-free issues. 1763690 - CVE-2019-17666 kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow 1781514 - CVE-2019-19338 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135) Description truncated. Please see the references for more information.

'bpftool' package(s) on CentOS 7.

Checks if a vulnerable package version is present on the target host.

Please install the updated package(s).